Security

3saul · 06-14-2006, 09:49 PM

I'm wanting my program to pass a command to the system which will unzip a password protected zip file. How can I make this system call that will include the password without someone being able to evesdrop and obtain the password? Also, by storing the password in my program as a string, would some one be able to somehow obtain the password from the binary?

**Salem** · 06-15-2006, 01:25 AM

> would some one be able to somehow obtain the password from the binary?
Unless you do something to hide it, it will be trivial to find for anyone who knows what a hex editor is.

> How can I make this system call that will include the password without someone being able to evesdrop
Probably with great difficulty.
Many system calls can be traced for debugging, so naturally anything you pass will be plainly visible to anyone with the right tools.

06-14-2006, 09:49 PM	#1
3saul Registered User Join Date: Jan 2006 Posts: 62	Security I'm wanting my program to pass a command to the system which will unzip a password protected zip file. How can I make this system call that will include the password without someone being able to evesdrop and obtain the password? Also, by storing the password in my program as a string, would some one be able to somehow obtain the password from the binary? Last edited by 3saul; 06-14-2006 at 09:58 PM.
3saul is offline

06-15-2006, 01:25 AM	#2
Salem and the hat of Jobseeking Join Date: Aug 2001 Location: The edge of the known universe Posts: 21,680	> would some one be able to somehow obtain the password from the binary? Unless you do something to hide it, it will be trivial to find for anyone who knows what a hex editor is. > How can I make this system call that will include the password without someone being able to evesdrop Probably with great difficulty. Many system calls can be traced for debugging, so naturally anything you pass will be plainly visible to anyone with the right tools. __________________ If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
Salem is offline

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Freedom Internet Security	BestGameMovie	Tech Board	3	06-03-2005 09:28 PM
Security on automated home	stimpyzu	A Brief History of Cprogramming.com	4	04-11-2004 01:14 AM
Painfully true but funny...	shaik786	A Brief History of Cprogramming.com	8	04-01-2003 03:39 PM
WindowsXP Security	Dude101	A Brief History of Cprogramming.com	19	10-03-2001 01:22 PM
security	iain	A Brief History of Cprogramming.com	0	09-20-2001 08:46 PM